A decentralized gaming chat app — no servers, no accounts, no tracking.
Rekindle is a peer-to-peer desktop chat application built with Tauri 2 and the Veilid network. It provides end-to-end encrypted messaging, community channels, voice chat, and game detection without any central server. Visually inspired by the classic Xfire gaming client.
Gaming chat is dominated by centralized platforms that harvest data, require accounts, and control your social graph. Rekindle takes a different approach:
- No servers — messages route peer-to-peer over the Veilid network. There is nothing to shut down, no terms of service, and no single point of failure.
- No accounts — your identity is an Ed25519 keypair generated locally on your machine. No email, no phone number, no username/password sent anywhere.
- No tracking — Veilid's safety routes hide sender IP, private routes hide receiver IP. No central server logs who talks to whom.
- Real encryption — four layers deep. Signal Protocol (Double Ratchet) for 1:1 messages, AES-256-GCM group keys for community channels, XChaCha20-Poly1305 transport encryption on the wire, and Stronghold vault encryption at rest.
Early development. 1:1 messaging is the primary tested workflow. Voice calling, communities, and game detection are implemented but not yet confirmed working end-to-end. Expect rough edges. AI is used on this project. If it seems vibe coded, it probably is. THAT SAID, Contributors are expected to audit and correct every line by hand before major ver. releases
- End-to-end encrypted 1:1 chat via Signal Protocol (X3DH + Double Ratchet)
- Separate chat windows per conversation (classic IM style, not tabbed)
- Typing indicators, local read tracking, message history persisted in SQLite
- Offline message queue — messages retry automatically when a peer comes online
- Cap'n Proto wire format for compact, zero-copy serialization
- Create or join communities with text and voice channels
- Community server daemon (child process) for message relay and state management
- Role-based permissions with bitmask system (create/edit/delete/assign roles)
- Per-channel permission overwrites (role or member allow/deny)
- Moderation: kick, ban, unban, timeout with duration
- Invite by code or Ed25519-signed deep link (
rekindle://invite/{blob}) - Unlinkable community pseudonyms (different identity per community via HKDF)
- Group encryption via per-channel Media Encryption Keys (AES-256-GCM, primitives ready)
- Opus codec at 48kHz mono with voice activity detection
- Audio processing pipeline: RNNoise denoising + AEC3 echo cancellation
- Adaptive jitter buffer and multi-participant audio mixer
- Dedicated audio threads (cpal capture/playback) with mpsc transport
- Audio device selection (input/output)
- Global shortcut mute toggle (Ctrl+Shift+M)
- Cross-platform process scanning (Windows, macOS, Linux)
- JSON game database mapping process names to game metadata
- "Playing: Game Name" status published to your DHT profile
- Friends see what you're playing in real time on their buddy list
- Ed25519 keypair identity — no central authority, no registration
- Stronghold vault (AES-256-GCM + Argon2id KDF) protects private keys
- Signal Protocol sessions established via DHT-published PreKeyBundles
- Trust-on-first-use (TOFU) with optional out-of-band key verification
- Four-layer encryption stack (see docs/security.md)
- Frameless skinned windows with custom titlebar (classic IM aesthetic)
- System tray with status controls (online, away, busy, offline)
- Friend groups, nicknames, avatars
- Single-instance enforcement, autostart, system notifications
- Multi-identity support (multiple profiles on one machine)
Rekindle is structured as a four-layer stack:
┌─────────────────────────────────────────────────────────┐
│ SolidJS Frontend │
│ Windows, components, stores, handlers, styles │
├─────────────────────────────────────────────────────────┤
│ Tauri 2 IPC Bridge │
│ Commands (Frontend→Rust), Events (Rust→Frontend) │
│ Window management, system tray, plugins │
├─────────────────────────────────────────────────────────┤
│ Pure Rust Crates │
│ rekindle-protocol rekindle-crypto │
│ rekindle-game-detect rekindle-voice │
│ rekindle-server (community hosting daemon) │
├─────────────────────────────────────────────────────────┤
│ Veilid Network │
│ DHT storage, app_message routing, private routes │
│ XChaCha20-Poly1305 transport encryption │
└─────────────────────────────────────────────────────────┘
The frontend holds no business logic — it renders state and forwards user actions. All cryptography, networking, and protocol handling lives in pure Rust crates with zero Tauri dependency, ensuring they can be tested independently and reused outside the desktop shell.
| Layer | Technology |
|---|---|
| App Framework | Tauri 2 (Rust + webview) |
| Frontend | SolidJS + Tailwind 4 |
| Network | Veilid (DHT storage, P2P message routing) |
| Encryption | Signal Protocol (libsignal), XChaCha20-Poly1305, AES-256-GCM |
| Serialization | Cap'n Proto (wire format) |
| Voice | Opus codec, cpal audio I/O |
| Storage | SQLite (chat history), Stronghold (encrypted vault), DHT (presence/keys) |
| Dev Environment | Konductor (Nix flake) |
src/ Frontend (SolidJS + Tailwind 4)
windows/ One component per Tauri window
components/ Reusable UI (titlebar, buddy-list, chat, voice)
stores/ SolidJS reactive state
ipc/ Typed invoke() wrappers, event subscriptions
handlers/ Named event handler functions
styles/ Global CSS (@apply, no inline utilities)
src-tauri/ Tauri 2 Rust backend
src/
lib.rs App entry, plugin registration, setup
commands/ IPC command handlers (auth, chat, friends, voice, ...)
channels/ Event type definitions (chat, presence, voice, notification)
services/ Background services (7: veilid, messaging, presence, sync, game, community, server-health)
migrations/ SQLite schema (001_init.sql)
crates/
rekindle-protocol/ Veilid networking, DHT records, Cap'n Proto codec
rekindle-crypto/ Ed25519 identity, Signal Protocol, group encryption (MEK)
rekindle-game-detect/ Cross-platform process scanning, game database
rekindle-voice/ Opus encode/decode, audio capture/playback, VAD, jitter buffer
rekindle-server/ Community hosting daemon (child process)
schemas/ Cap'n Proto schema definitions (.capnp)
- Rust 1.92+ (via rustup)
- Node.js 22+ with pnpm
- Cap'n Proto compiler (
capnp) - CMake
- Platform-specific Tauri 2 dependencies (see below)
Linux (Debian/Ubuntu/Pop!_OS):
# Rust
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh
source "$HOME/.cargo/env"
# Node.js LTS
curl -fsSL https://deb.nodesource.com/setup_lts.x | sudo -E bash -
sudo apt install -y nodejs
sudo npm install -g pnpm
# System dependencies
sudo apt install -y build-essential pkg-config curl wget cmake capnproto \
libwebkit2gtk-4.1-dev libgtk-3-dev libsoup-3.0-dev \
libjavascriptcoregtk-4.1-dev libayatana-appindicator3-dev \
libssl-dev libasound2-dev libopus-dev libsodium-devmacOS:
xcode-select --install
brew install capnp cmake libsodium opusRust and Node.js are also required on macOS — install via rustup
and nvm or Homebrew (brew install node),
then npm install -g pnpm.
Nix (optional dev environment):
A flake.nix is included for Nix users. It extends the
Konductor frontend devshell with
Rekindle-specific build deps. To use it, uncomment use flake in .envrc and
run direnv allow, or enter the shell manually with nix develop.
# Install frontend dependencies
pnpm install
# Run in development mode (hot-reload for both frontend and Rust)
pnpm tauri dev
# Production build
pnpm tauri build# Rust unit tests (all workspace crates)
cargo test --workspace
# E2E tests (real Rust backend + Playwright)
pnpm test:e2e
# Mock IPC tests (frontend only, stubbed responses)
pnpm test:mock
# Lint
cargo clippy --workspace -- -D warnings
pnpm tsc --noEmitAdding a friend: Share your public key out-of-band (paste, QR code, or deep link). The recipient sends a friend request over Veilid. Once accepted, both sides establish a Signal Protocol session via PreKeyBundles published to the DHT, and messaging begins.
Sending a message: Plaintext is encrypted with the Signal Protocol Double
Ratchet, signed with Ed25519, serialized into a Cap'n Proto envelope, and delivered
via app_message() through Veilid's routed network. The receiver's callback
decrypts, verifies, stores in SQLite, and emits an event to the frontend.
Presence: Each user publishes their status, display name, avatar, and game info
to an 8-subkey DHT profile record. Friends subscribe with watch_dht_values and
receive push notifications when any subkey changes.
Offline delivery: When a peer is unreachable, messages queue in SQLite. A background sync service retries delivery every 30 seconds until the peer comes online (up to 20 attempts).
| Document | Description |
|---|---|
| architecture.md | System architecture, layer responsibilities, data flow diagrams |
| protocol.md | Veilid integration, message lifecycle, DHT record layouts |
| security.md | Four-layer encryption stack, identity model, threat analysis |
| data-layer.md | SQLite schema, Stronghold vault, DHT record layout |
| frontend.md | SolidJS frontend, routing, stores, IPC layer |
| crates.md | Pure Rust crate reference (protocol, crypto, game-detect, voice, server) |
| tauri-backend.md | Tauri commands, events, services, state management |
| development.md | Build commands, testing, code conventions |
| roadmap.md | Implementation phases and completion status |